On Thu, 10 Jul 2003, Owen DeLong wrote: > I have an application where I have a device that will be doing group > membership queries against my radius server looking for members in > a group called "foo" of the form "[EMAIL PROTECTED]". Is there any way > to jury rig radius such that it will: > > Only permit @blah.zorp and reject any other @foo.blah.
DEFAULT Realm !~ "blah.zorp", Auth-Type := Reject > > Take user from [EMAIL PROTECTED] and look it up in LDAP. ldap { [...] filter = "(uid=%{Stripped-User-Name:-%{User-Name}})" } > > Return True if user is found and fals if usre is not found. authorize{ ldap { notfound = return } } Something like this... > > If anyone has any handy config examples for how to accomplish this, > I'd be _VERY_ appreciative. > > Thanks, > > Owen > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html